oval:org.mitre.oval:def:27025

Definition Id: oval:org.mitre.oval:def:27025
 
Oval ID: oval:org.mitre.oval:def:27025
Title: SUSE-SU-2014:1220-1 -- Security update for mozilla-nss
Description: Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568>
Family: unix Class: patch
Reference(s): SUSE-SU-2014:1220-1
CVE-2014-1568
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): mozilla-nss
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17270
 
Oval ID: oval:org.mitre.oval:def:17270
Title: SUSE Linux Enterprise Server 11.x is installed
Description: SUSE Linux Enterprise Server 11.x is installed.
Family: unix Class: inventory
Reference(s): cpe:/o:novell:suse_linux:11::server
Version: 5
Platform(s): SUSE Linux Enterprise Server 11
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:27025
Definition Id: oval:org.mitre.oval:def:25140
 
Oval ID: oval:org.mitre.oval:def:25140
Title: SUSE Linux Enterprise Desktop 11.x is installed
Description: SUSE Linux Enterprise Desktop 11.x is installed.
Family: unix Class: inventory
Reference(s): cpe:/o:suse:suse_linux:11::desktop
Version: 3
Platform(s): SUSE Linux Enterprise Desktop 11
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:27025